honeynet / beeswarm

Honeypot deployment made easy
GNU General Public License v3.0

Allow specification of drop_privileges user and group in configuration #203

Open cmsmith1977 opened 9 years ago

cmsmith1977 commented 9 years ago

It would be nice to be able to specify the drop_privileges user and group in the beeswarmcfg.json.

johnnykv commented 9 years ago

Dropping privileges has been removed in the latest release. In essence, the problem is that if we drop privileges on the drones, they cannot bind to ports below 1024 anymore. One workaround would be using Linux capabilities as described in #199.

cmsmith1977 commented 9 years ago

That will work!

You can also set up iptables rules (in Linux) to forward the low number ports to high number ports and set beeswarm to use high number ports.

johnnykv commented 9 years ago

One of the problems with port forwarding is that the Beeswarm system will lose track of the original ports - and that will make it impossible for the Beeswarm server to correlate honeypot sessions and client sessions.

cmsmith1977 commented 6 years ago

Using iptables is not really port forwarding, but rather port re-writing, so the source ports remain unchanged.
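
The trade-off discussed in this thread, as an added example that is not part of the thread or of Beeswarm's code: a process that drops root to a configured user and group and then tries to bind a low port. The `drop_privileges` JSON layout, the `nobody`/`nogroup` names and all function names are assumptions made for illustration.

```python
import grp, json, os, pwd, socket

# Constructed sample; this "drop_privileges" key layout is hypothetical.
SAMPLE_CFG = '{"drop_privileges": {"user": "nobody", "group": "nogroup"}}'

def parse_target(cfg_text):
    """Return the (user, group) names configured for the privilege drop."""
    section = json.loads(cfg_text)["drop_privileges"]
    return section["user"], section["group"]

def drop_privileges(user, group):
    """Permanently switch to user/group: supplementary groups, gid, then uid."""
    uid, gid = pwd.getpwnam(user).pw_uid, grp.getgrnam(group).gr_gid
    os.setgroups([])   # clear supplementary groups while still root
    os.setgid(gid)     # must come before setuid, which removes the right to do it
    os.setuid(uid)
    try:
        os.setuid(0)   # a complete drop cannot be reversed
    except PermissionError:
        return
    raise RuntimeError("privileges were not dropped")

def can_bind(port):
    """Report whether a TCP listener can be bound on 127.0.0.1:port."""
    try:
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
            s.bind(("127.0.0.1", port))
        return True
    except OSError:    # EACCES for a privileged port, EADDRINUSE if taken
        return False

def bind_after_drop(cfg_text, port):
    """Drop privileges in a forked child, then try to bind `port` there."""
    user, group = parse_target(cfg_text)
    r, w = os.pipe()
    pid = os.fork()
    if pid == 0:       # child only, so the caller keeps its own privileges
        status = "drop-failed"   # not root, or user/group does not exist
        try:
            drop_privileges(user, group)
            status = "bound" if can_bind(port) else "refused"
        except (OSError, KeyError, RuntimeError):
            pass
        finally:
            os.write(w, status.encode())
            os._exit(0)
    os.close(w)
    os.waitpid(pid, 0)
    with os.fdopen(r) as f:
        return f.read()
```

Run as root on a host where both names exist, `bind_after_drop(SAMPLE_CFG, 80)` returns `refused` unless `net.ipv4.ip_unprivileged_port_start` has been lowered, in which case it returns `bound`.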